From 0b972f0816408fc696e75fd55de5cd160d6d7ccc Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Thu, 20 Aug 2020 04:06:35 +0200 Subject: Add MySQL service (for Michele and other low-volume users) --- setup/projects/adei/vars/phpmyadmin.yml | 2 +- .../services/templates/01-mysql-secret.yml.j2 | 28 ++++++++++++++++++++++ setup/projects/services/vars/apps.yml | 1 + setup/projects/services/vars/mysql.yml | 21 ++++++++++++++++ setup/projects/services/vars/script.yml | 2 +- setup/projects/services/vars/volumes.yml | 12 ++++++---- 6 files changed, 60 insertions(+), 6 deletions(-) create mode 100644 setup/projects/services/templates/01-mysql-secret.yml.j2 create mode 100644 setup/projects/services/vars/mysql.yml diff --git a/setup/projects/adei/vars/phpmyadmin.yml b/setup/projects/adei/vars/phpmyadmin.yml index 323ea05..6bd54f7 100644 --- a/setup/projects/adei/vars/phpmyadmin.yml +++ b/setup/projects/adei/vars/phpmyadmin.yml @@ -8,7 +8,7 @@ phpmyadmin: env: - { name: "DB_SERVICE_HOST", value: "mysql-master.adei.svc.cluster.local" } - { name: "DB_SERVICE_PORT", value: "3306" } - - { name: "DB_EXTRA_HOSTS", value: "mysql-slave.adei.svc.cluster.local,mysql.katrin.svc.cluster.local,galera.adei.svc.cluster.local,asec-master.adei.svc.cluster.local,asec-slave.adei.svc.cluster.local" } + - { name: "DB_EXTRA_HOSTS", value: "mysql-slave.adei.svc.cluster.local,mysql.katrin.svc.cluster.local,galera.adei.svc.cluster.local,asec-master.adei.svc.cluster.local,asec-slave.adei.svc.cluster.local,mysql.services.svc.cluster.local" } # - { name: "DB_SERVICE_CONTROL_USER", value: "pma" } # - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "secret@adei/pma-password" } probes: diff --git a/setup/projects/services/templates/01-mysql-secret.yml.j2 b/setup/projects/services/templates/01-mysql-secret.yml.j2 new file mode 100644 index 0000000..22412bc --- /dev/null +++ b/setup/projects/services/templates/01-mysql-secret.yml.j2 @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Template +metadata: + name: mysql-secret + labels: + app: mysql + annotations: + descriptions: "MySQL Secrets" +objects: +- apiVersion: v1 + kind: Secret + metadata: + annotations: + template.openshift.io/expose-ipe_password: '{.data[''ipe-password'']}' + template.openshift.io/expose-root_password: '{.data[''root-password'']}' + template.openshift.io/expose-pma_password: '{.data[''pma-password'']}' + name: mysql + stringData: + ipe-password: "{{ ands_secrets.ipepdv }}" + root-password: "{{ ands_secrets.ipepdv }}" + pma-password: "${PMA_PASSWORD}" +parameters: +- description: Password for the PMA connection user. + displayName: PMA Connection Password + from: '[a-zA-Z0-9]{16}' + generate: expression + name: PMA_PASSWORD + required: true diff --git a/setup/projects/services/vars/apps.yml b/setup/projects/services/vars/apps.yml index 3532941..a5216e2 100644 --- a/setup/projects/services/vars/apps.yml +++ b/setup/projects/services/vars/apps.yml @@ -1,3 +1,4 @@ apps: davmail: { provision: true, instantiate: true } gogs: { provision: true, instantiate: true } + mysql: { provision: true, instantiate: true } diff --git a/setup/projects/services/vars/mysql.yml b/setup/projects/services/vars/mysql.yml new file mode 100644 index 0000000..c174b61 --- /dev/null +++ b/setup/projects/services/vars/mysql.yml @@ -0,0 +1,21 @@ +mysql: + pods: + mysql: + service: { ports: [ 3306 ] } + groups: [ "services_mysql" ] + images: + - stream: "openshift/mysql:5.7" + env: + - { name: "MYSQL_USER", value: "ipe" } + - { name: "MYSQL_PASSWORD", value: "secret@mysql/ipe-password" } + - { name: "MYSQL_ROOT_PASSWORD", value: "secret@mysql/root-password" } + - { name: "MYSQL_DATABASE", value: "test" } + - { name: "MYSQL_PMA_PASSWORD", value: "secret@mysql/pma-password" } + - { name: "MYSQL_MAX_CONNECTIONS", value: "500" } + mappings: + - { name: "db", path: "mysql", mount: "/var/lib/mysql/data" } + resources: { request: { cpu: 500m, mem: 1Gi }, limit: { cpu: 2000m, mem: 4Gi } } + probes: + - { port: 3306 } +# - { type: "liveness", port: 3306 } +# - { type: "readiness", command: [/bin/sh, -i, -c, MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE, -e 'SELECT 1'] } diff --git a/setup/projects/services/vars/script.yml b/setup/projects/services/vars/script.yml index f5d9378..6b306a8 100644 --- a/setup/projects/services/vars/script.yml +++ b/setup/projects/services/vars/script.yml @@ -1,6 +1,6 @@ oc: - storage: ".*" - - templates: "gogs*" + - templates: "*" - apps: ".*" - oc: "expose svc/davmail --type LoadBalancer --protocol TCP --generator service/v1 --name davmail-ingress" resource: "svc/davmail-ingress" diff --git a/setup/projects/services/vars/volumes.yml b/setup/projects/services/vars/volumes.yml index 192f572..0f7dbd4 100644 --- a/setup/projects/services/vars/volumes.yml +++ b/setup/projects/services/vars/volumes.yml @@ -1,8 +1,12 @@ gids: - services: { id: 9000 } + services: { id: 9000 } services_gogs: { id: 9001, users: [ 'csa', 'kopmann' ] } + services_sds: { id: 9002, users: [ 'csa', 'jalal' ] } + services_mysql: { id: 9005, users: [ 'csa', 'kopmann', 'jalal' ] } files: - - { osv: "data", path: "gogs", state: "directory", group: "services_gogs", mode: "02770" } - - { osv: "data/gogs", path: "gogs", state: "directory", group: "services_gogs", mode: "02770" } - + - { osv: "data", path: "gogs", state: "directory", group: "services_gogs", mode: "02770" } + - { osv: "db", path: "mysql", state: "directory", group: "services_mysql", mode: "02770" } +# - { osv: "data/gogs", path: "gogs", state: "directory", group: "services_gogs", mode: "02770" } +# - { osv: "etc", path: "sds", state: "directory", group: "services_sds", mode: "02770" } +# - { osv: "db", path: "sds", state: "directory", group: "services_sds", mode: "02770" } -- cgit v1.2.3